Citrix CloudGateway Enterprise

Citrix AppController initial wizard:

Communication Failure

Check the account used for AD lookup is valid.

The Administrator’s email address does not exist in AD:

Make sure the administrator account in AD has a first & last name. In other words, don’t use the domain Administrator account. Create another account.
Currently, I don’t have Exchange configured on my domain.  Just populated AD email address with a valid email for my public domain (different to internal AD domain, however the public FQDN is the same). Email is hosted by my domain provider and I used the SMTP settings in the AppController wizard from my hosting co.

Domains: (Admin email address configured in AD) (user2’s email address configured in AD) (publicly accessible from the Internet). (not publically accessible) (Active Directory domain name)

AppController SSL Certificates.

Using Active Directory as the Certificate Authority (CA) 

  1. In the AppController (AC) configuration page, click Certificates.
  2. Click New…
  3. Select 2048
  4. Enter a common name. The FQDN of your AC server / appliance. Using the example above, mine is
  5. Complete the other information and click save.
  6. Copy the contents of the CSR.
  7. Connect to your AD domain controller running Certificate Authority services.
  8. Browse to https://localhost/certsrv.
  9. Click Request a certificate.
  10. Click advanced certificate request
  11. Click Submit a certificate request by using a base-64-encoded CMC or PKCS…
  12. Paste the CSR into the Saved Request text box.
  13. Select Web Server from the template drop-down*.
  14. Click Submit
  15. Select Base 64 encoded.
  16. Click Download certificate.
  17. Save as something meaningful: server-Base64.cer
  18. Click Download certificate chain.
  19. Save as something meaningful: chain-Base64.p7b
  20. Return to the AC.
  21. Click Import and select Server (.pfx)
  22. Browse to the location of server-Base64.cer and click OK, OK. (No password required)
  23. Click Import and select Trust (.pem)
  24. Browse to chain-Base64.p7b.
  25. Select server certificate and click Make Active.

That’s the certificate chain complete. Two certificate with a Description of “(imported)” and Type of Server and Trusted should exist in the list.


Page 47 of the Citrix CloudGateway Enterprise POC.
When trying to activate and “install” the file (on Windows, not Apple Mac), you get the following error:

“Cannot process provisioning file
Please contact your help desk with the following information:
SSL certificate was issued for a different name than the Update Server.
Cannot validate SSL”

It appears that the step to update the App Controller’s hostname was missed (Unless I’m blind). To fix:

  1. Log on to AppController (https://{}:4443.
  2. Click Settings tab.
  3. From the left menu, select Network Connectivity.
  4. Click the Edit link (next to the words “Network Connectivity”).
  5. Change the host name to match that of the one used in your SSL certificate. {}.
  6. Click Save.

Leave a Reply

Your email address will not be published. Required fields are marked *

To create code blocks or other preformatted text, indent by four spaces:

    This will be displayed in a monospaced font. The first four 
    spaces will be stripped off, but all other whitespace
    will be preserved.
    Markdown is turned off in code blocks:
     [This is not a link](

To create not a block, but an inline code span, use backticks:

Here is some inline `code`.

For more help see

This site uses Akismet to reduce spam. Learn how your comment data is processed.